919e9fc9ac34c408157b403c3c3feccad73ff6332edae712203ee2b92e9e1abc

Sharing

Copy URL Twitter E-mail

General

Target

919e9fc9ac34c408157b403c3c3feccad73ff6332edae712203ee2b92e9e1abc
Size

556KB
MD5

cb479838d2a06776cc3e4b8198ef29a4
SHA1

9d8efe3a3eb1374b8f9e845e00acf3e5981f1917
SHA256

919e9fc9ac34c408157b403c3c3feccad73ff6332edae712203ee2b92e9e1abc
SHA512

606d65c5508a7e5ff2ab4a78c653dd8b42a3e22df3faf95feab62ac68123c554f4baed8123ccff2b3a4474b9eeef569493f63253e10c469d0d587d986f5e2773
SSDEEP

12288:0kq9ifgVB00NCj0Q3kUi1rmO8qFINRd+t:0B9mMBCBUUfO8q6

Score

N/A

Malware Config

Signatures

Files

919e9fc9ac34c408157b403c3c3feccad73ff6332edae712203ee2b92e9e1abc
.exe windows x86

760e8a470ad50170eb9dec948038fa14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

tree_peek_ndr
short_from_ndr_temp
long_from_ndr
float_from_ndr
UuidHash
RpcStringFreeA
RpcServerUseProtseqIfA
RpcNetworkInqProtseqsA
RpcMgmtSetCancelTimeout
RpcMgmtInqStats
RpcMgmtInqIfIds
RpcMgmtEpEltInqNextA
RpcBindingCopy
MesHandleFree
CStdStubBuffer_QueryInterface

kernel32

QueryPerformanceCounter
lstrcmpiA
VerLanguageNameW
VerLanguageNameA
SetTimeZoneInformation
SetLastError
ReleaseMutex
RegisterWaitForSingleObjectEx
QueryDosDeviceW
OpenFileMappingA
ChangeTimerQueueTimer
CreateHardLinkW
DeleteFileA
EnumResourceLanguagesA
ExitProcess
FindNextChangeNotification
FlushViewOfFile
FreeEnvironmentStringsA
GetCommandLineA
GetDevicePowerState
GetEnvironmentStringsW
GetFileSize
GetNamedPipeHandleStateA
GetPrivateProfileIntW
GetProcAddress
GetShortPathNameW
GetTapeParameters
GetTickCount
HeapAlloc
InterlockedExchange
LoadResource

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA

crtdll

tanh
_exit
_finite
_hypot
_mktemp
_popen
_putenv
_strupr
_yn
clearerr
fscanf
iswlower

user32

GetFocus
LoadCursorA
LoadImageA
PostMessageA
SendMessageA
SetFocus
UpdateWindow
DestroyCaret

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
ExpandEnvironmentStringsForUserW
FreeGPOListW
GetAppliedGPOListW
GetProfilesDirectoryW
LeaveCriticalPolicySection
RegisterGPNotification
UnregisterGPNotification
EnterCriticalPolicySection

ntdll

NtOpenMutant
NtSetEaFile
RtlSetSaclSecurityDescriptor
NtSetHighWaitLowEventPair
RtlSecondsSince1980ToTime
RtlNtStatusToDosError
RtlGetSaclSecurityDescriptor
RtlFindNextForwardRunClear
RtlFindClearBitsAndSet
RtlAreBitsClear
NtCreateIoCompletion

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 457KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

760e8a470ad50170eb9dec948038fa14

Headers

File Characteristics

Imports

rpcrt4

kernel32

version

crtdll

user32

userenv

ntdll

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.data Size: 457KB - Virtual size: 459KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 47KB - Virtual size: 46KB

.data
Size: 457KB - Virtual size: 459KB

.rsrc
Size: 51KB - Virtual size: 51KB